1 Answer
- Newest
- Most votes
- Most comments
1
Hello.
Will it succeed if I attach "AmazonDynamoDBReadOnlyAccess" to Lambda's IAM role?
https://docs.aws.amazon.com/aws-managed-policy/latest/reference/AmazonDynamoDBReadOnlyAccess.html
Also, since "Resource" is "arn:aws:dynamodb:[LOCATION]:[ACCOUNT]:table/[TABLE1]//stream/*", "arn:aws:dynamodb:[LOCATION]:[ACCOUNT] ]:table/[TABLE1]/stream/*".
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "VisualEditor0",
"Effect": "Allow",
"Action": [
"dynamodb:GetShardIterator",
"dynamodb:DescribeStream",
"dynamodb:GetRecords",
"dynamodb:ListStreams"
],
"Resource": "arn:aws:dynamodb:[LOCATION]:[ACCOUNT]:table/[TABLE1]/stream/*"
},
{
"Sid": "VisualEditor2",
"Effect": "Allow",
"Action": "dynamodb:PutItem",
"Resource": "arn:aws:dynamodb:[LOCATION]:[ACCOUNT]:table/[TABLE2]"
}
]
}
Relevant content
- Accepted Answerasked 4 months ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated 9 months ago
Thank you, the // was the issue that was causing the trigger to not be set up.